1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
|
<html>
<body>
<a href="../djb.html">D. J. Bernstein</a>
<br><a href="../web.html">Internet publication</a>
<br><a href="../djbdns.html">djbdns</a>
<h1>User's guide to name qualification</h1>
<b>Qualification</b> means conversion
of a short host name that you type, such as <tt>cheetah</tt>,
into a complete (``fully qualified'') domain name,
such as <tt>cheetah.heaven.af.mil</tt>.
<p>
This page explains the djbdns qualification procedure.
These rules are followed by the
<tt>dns_ip4_qualify</tt>
library routine in djbdns,
and by programs that use the <tt>dns_ip4_qualify</tt> routine.
<h2>Rewriting instructions</h2>
Normally the djbdns qualification procedure
follows instructions listed in <tt>/etc/dnsrewrite</tt>,
a file created by your system administrator.
You can override <tt>/etc/dnsrewrite</tt>
by creating your own file
and setting the <tt>$DNSREWRITEFILE</tt> environment variable
to the name of that file.
<p>
Sample instructions:
<pre>
# anything.local -> me
-.local:me
# me -> 127.0.0.1
=me:127.0.0.1
# any.name.a -> any.name.af.mil
*.a:.af.mil
# any-name-without-dots -> any-name-without-dots.heaven.af.mil
?:.heaven.af.mil
# remove trailing dot
*.:
</pre>
<p>
Instructions are followed in order, each at most once.
There are four types of instructions:
<ul>
<li><tt>=<i>post</i>:<i>new</i></tt>
means that the host name <tt><i>post</i></tt> is replaced by <tt><i>new</i></tt>.
<li><tt>*<i>post</i>:<i>new</i></tt>
means that any name of the form <tt><i>prepost</i></tt>
is replaced by <tt><i>prenew</i></tt>.
<li><tt>?<i>post</i>:<i>new</i></tt>
means that any name of the form <tt><i>prepost</i></tt>,
where <tt><i>pre</i></tt> does not contain dots or brackets,
is replaced by <tt><i>prenew</i></tt>.
<li><tt>-<i>post</i>:<i>new</i></tt>
means that any name of the form <tt><i>prepost</i></tt>
is replaced by <tt><i>new</i></tt>.
</ul>
<h2>Searching</h2>
The djbdns qualification procedure
can search through DNS for several possible qualifications of a name.
For example, the name
<pre>
cheetah+.heaven.af.mil+.af.mil
</pre>
is qualified as <tt>cheetah.heaven.af.mil</tt>
if that name has IP addresses listed in DNS,
or <tt>cheetah.af.mil</tt> otherwise.
<p>
In general,
<tt><i>x</i>+<i>y1</i>+<i>y2</i>+<i>y3</i></tt>
is qualified as <tt><i>xy1</i></tt>
if <tt><i>xy1</i></tt> has IP addresses listed in DNS;
otherwise, as <tt><i>xy2</i></tt>
if <tt><i>xy2</i></tt> has IP addresses listed in DNS;
otherwise, as <tt><i>xy3</i></tt>.
You can list any number of +'s.
<p>
Searching is applied after rewriting,
so you can use a rewriting instruction such as
<pre>
?:+.heaven.af.mil+.af.mil
</pre>
to have
<tt>lion</tt> qualified as <tt>lion.heaven.af.mil</tt> or <tt>lion.af.mil</tt>,
and
<tt>tiger</tt> qualified as <tt>tiger.heaven.af.mil</tt> or <tt>tiger.af.mil</tt>,
and so on.
<p>
Searching is generally not a recommended feature.
If you rely on <tt>gw</tt> being qualified as <tt>gw.af.mil</tt>,
and someone suddenly adds a new <tt>gw.heaven.af.mil</tt>,
you'll end up talking to the wrong host.
It's better to rely on syntactic rules that you control.
<h2>Compatibility mechanisms</h2>
If the rewriting-instructions file does not exist,
the djbdns qualification procedure looks for a local domain name in three places:
<ol>
<li>the <tt>$LOCALDOMAIN</tt> environment variable, if it is set; or
<li>the first <tt>domain</tt> or <tt>search</tt> line
in <tt>/etc/resolv.conf</tt>,
if <tt>/etc/resolv.conf</tt> exists and has such a line; or
<li>everything after the first dot in the system's hostname.
</ol>
It then creates rewriting instructions of the form
<pre>
?:.<i>domain</i>
*.:
</pre>
so that <tt>.<i>domain</i></tt> is added to any name without dots or brackets.
<p>
You can specify searching in <tt>$LOCALDOMAIN</tt>
by using several domain names separated by spaces.
Your system administrator can specify searching in <tt>/etc/resolv.conf</tt>
by putting several domains on a <tt>search</tt> line.
<h2>Compatibility notes</h2>
Different DNS client programs use different qualification procedures.
Two major differences between the djbdns qualification procedure
and other qualification procedures:
<ul>
<li>Most programs use only <tt>/etc/resolv.conf</tt>.
They don't know anything about
<tt>/etc/dnsrewrite</tt> and <tt>$DNSREWRITEFILE</tt>.
<li>Most long-running programs
don't notice changes in <tt>/etc/resolv.conf</tt>;
they read <tt>/etc/resolv.conf</tt> when they start,
and they don't reread it until they are restarted.
In contrast, the djbdns qualification procedure
checks for changes every 10 minutes or 10000 uses.
</ul>
Two minor differences:
<ul>
<li>Some programs interpret
a <tt>domain</tt> line in <tt>/etc/resolv.conf</tt>
as specifying a search list consisting of various suffixes of the domain.
<li>Many programs will search the local domain
for names <i>with</i> dots.
</ul>
If you want the local domain searched for names with dots,
you can set it up with rewriting:
<pre>
# aol.com -> aol.com or aol.com.heaven.af.mil
*:++.heaven.af.mil
# but skip directly to heaven.af.mil if no dots
?++.heaven.af.mil:.heaven.af.mil
</pre>
</ul>
</body>
</html>
|
